True Type Font Parsing Elevation of Privilege Vulnerability



Published: 2016-12-13
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2016-7182
CWE-ID CWE-119
Exploitation vector Local
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe
Microsoft Office
Client/Desktop applications / Office applications

Word Viewer
Client/Desktop applications / Office applications

Windows
Operating systems & Components / Operating system

Windows Server
Operating systems & Components / Operating system

Microsoft Lync
Client/Desktop applications / Messaging software

Lync Attendee
Client/Desktop applications / Messaging software

Microsoft Live Meeting
Client/Desktop applications / Messaging software

Vendor Microsoft

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Privilege escalation

EUVDB-ID: #VU975

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2016-7182

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: Yes

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Microsoft Windows kernel-mode driver (Win32k). By running a malicious program on the affected system attackers can execute arbitrary code with SYSTEM privileges.

Successful exploitation of the vulnerability may result in a complete system compromise.

Mitigation

Install updates from Microsoft website.

Vulnerable software versions

Microsoft Office: 2010

Windows: 7 - Vista

Windows Server: 2008 - 2008 R2

Word Viewer: 2007

Microsoft Lync: 2010 - 2013

Lync Attendee: 2010

Microsoft Live Meeting: 2007 Console


CPE2.3 External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-7182

Q & A

Can this vulnerability be exploited remotely?

How the attacker can exploit this vulnerability?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###